Data Security & Privacy
CTI’s Compliance With Rigorous Standards
CTI is certified in accordance with ISO/IEC 27001:2013.
ISO 27001 Information Security Management Certification
In an age when security breaches routinely make the news, protecting your data is more important than ever before. Knowing that our clients entrust us with financial, research and development, employee and other sensitive information, we joined the elite group of companies that have achieved ISO/IEC 27001:2005 certification. Commonly known as ISO 27001, this international certification signifies that our tax software complies with the world’s most rigorous information security standards.
What ISO 27001 Certification Encompasses
ISO 27001 provides an exhaustive set of best practices to establish, maintain and improve an information security management system (ISMS) that protects data throughout every corner of the company. Rather than rely on tools and technology alone, ISO 27001 standards involve the organization’s people and processes, so that everything and everyone works together to keep your information secure.
We choose to work with a company that specializes in helping companies implement ISO 27001 best practices and, once they are implemented, certifies that the company’s ISMS meets the ISO 27001 standards in areas that include:
- Establishing controls so that only properly credentialed employees and approved tax software applications may access information
- Involving senior-level management in establishing security policies, maintaining standards and promoting improvements
- Governing human resources activities for employee hiring, training, moves and departures
- Installing physical and environmental security systems in all company locations
- Guiding organizations’ policies and processes on how data is categorized, inventoried and managed in the tax software system
- Building security measures into all applications on all company computers
- Outlining response and disaster-recovery plans if a breach occurs to the tax software, immediately notifying affected clients and following step-by-step processes to close the breach, restore security, recover data and resume operations
Ongoing Improvement Requirements
Perhaps the most critical feature of ISO 27001 certification is that it requires a yearly audit to verify that a company’s ISMS meets the highest data-protection standards and demonstrates continuing improvements toward ever-higher security standards.
We welcome your questions about our tax software system and the ISO 27001 security certification process. You may also read more about the standard at ISO 27001.